Search

Guidelines for networking   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on networking.

Property-related business email compromise scams rising in Australia   Alert

Aug 30, 2021 - Cybercriminals are targeting the property and real estate sector to conduct business email compromise scams. All parties involved in the buying, selling and leasing of property should be vigilant when communicating via email, particularly during settlement periods.

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2025 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.

Essential Eight maturity model changes   Publication

Nov 27, 2023 - This publication provides an overview of the changes for the November 2023 release.

Creating Strong Passphrases   Guidance

Oct 6, 2021 - The longer your passphrase, the better. As adversaries can crack a short password with very little effort or time, you can increase the time and effort it takes by using a passphrase instead.

New guidance on detecting and mitigating Active Directory compromises   News

Sep 26, 2024 - Does your organisation use Microsoft’s Active Directory? Read our latest guidance on Active Directory compromises now.

Security considerations for edge devices   Publication

Feb 5, 2025 - Edge devices are an important part of many enterprise computing systems. They allow connection across various devices that aid in productivity. However, just like with all technology they are not without their vulnerabilities. Edge devices require attention and diligence to keep data safe and secure.

Guidelines for enterprise mobility   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on enterprise mobility.

Shifting the balance of cybersecurity risk   Publication

Oct 17, 2023 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the following international partners provide the recommendations in this guide as a roadmap for technology manufacturers to ensure security of their products.

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection   Advisory

May 25, 2023 - The People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint advisory provides examples of the cyber actor’s commands, along with detection signatures to aid network defenders in hunting for this activity.

Essential Eight maturity model   Publication

Nov 27, 2023 - This publication provides advice on how to implement the Essential Eight.

Small business cloud security guides: Executive overview   Publication

Dec 16, 2022 - In recognition of the increasing prevalence of cloud computing, the Australian Cyber Security Centre (ACSC) has published the Small business cloud security guides. These guides are designed to provide protection against cybersecurity incidents while remaining accessible to organisations which may not have the resources and expertise to implement a more sophisticated strategy.

Implementing application control   Publication

Nov 27, 2023 - Application control is one of the most effective mitigation strategies in ensuring the security of systems. As such, application control forms part of the Essential Eight from the Strategies to mitigate cybersecurity incidents. This publication provides guidance on what application control is, what application control is not, and how to implement application control.

Cyber Security Awareness Month 2025  

Sep 30, 2024 - Take action to protect your networks and digital infrastructure now and into the future.

Essential Eight maturity model and ISM mapping   Publication

Oct 2, 2024 - This publication provides a mapping between the Essential Eight and the controls within the Information security manual (ISM).

Cyber security is essential when preparing for COVID-19   Advisory

Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community.

Essential Eight assessment process guide   Publication

Oct 2, 2024 - This publication provides advice on how to assess the implementation of the Essential Eight.

Domain Name System security for domain owners   Publication

Oct 6, 2021 - This publication provides information on DNS security for domain owners. It also shared helpful strategies to reduce the risk of domain misuse.

Gateway security guidance package: Gateway technology guides   Publication

Jul 29, 2025 - This guidance is one part of a package of documents that forms the gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.

Secure your website   Guidance

Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.